WPA2 Enterprise Networking Support

nhf

#1

I’ve already been in contact with support on this, but I just wanted to highlight what I think is a fundamental flaw with Glowforge’s WiFi networking support. Currently Glowforge doesn’t support Enterprise networks (UserID/PW). Until they do, I’m dead in the water. Yes, there are workarounds involving the setup of hotspots, etc., but that’s not possible in my situation. I need official Enterprise network support. I really hope this is being worked on, otherwise I’ve waited 2 years for nothing.


#2

Could you use a cheap wired ethernet to wifi bridge?


#3

Unfortunately we’re not allowed to create any unauthorized networks at my site. Otherwise that would be a simple solution.


#4

#5

You will just have to take it home, and work from there.


#6

^This for the win!


#7

Yeah, this is a big problem for those of us who use our Glowforges at work. This really needs to get fixed.

Luckily for me my employer has, in addition to our real wifi network, a separate unauthenticated wifi network that lacks access to our critical stuff and has crazy restricted firewall rules (literally the only TCP ports open are 80 and 443) but that works for the Glowforge, as it only needs web access. But that network could go away at any time; they’ve been threatening to get rid of it for years.


#8

If you have a PC with Win10, the GF can share its internet connection. I found that workaround back in October (because of needing to use it at a local university) and posted the “how to” but I don’t know if it was one of my “Dispatch from the front” posts. No harder than setting it up on a wifi AP.


Connecting to University WiFi
#9

Talk to your friendly WiFi administrator.

There is a new feature in Cisco Enterprise Wireless called IdentityPSK. It allows an individual password for each device (based on MAC address). It might go a long way to address security concerns.

Devices that use PSK-only are not uncommon. Thinks like ChromeCasts and other consumer oriented devices do not support WPA2-Enterprise.


#10

We have been trudging through this very issue at the University I am at.

For what it is worth, we found that there may be two different MAC addresses that the Glowforge uses for set up. While connecting to the ad-hoc setup network we captured a MAC address starting with 02:00:05:xx:xx:xx on the ARP table of the computer connected for setup. We set up the fingerprinting system to detect that MAC, but it was never showing up.

We then had a second computer with two WiFi cards broadcast a bridged network. After successfully setting up the Glowforge through that system (it was able to connect to the cloud) we found that the MAC attached to the computer was a 5C:C5:D4:xx:xx:xx address. That address showed up in the fingerprinting backend when we tried to connect to the enterprise WiFi again.

I did a cursory look through the forums to see if others were experiencing this. It seems to directly contradict what Glowforge support has said about the MAC scheme on the device. So we may be detecting MACs incorrectly. We are going to keep poking around in trying to get this system set up.

But yes, it would seem that there are three very simple ‘features’ that should have been implemented from the start: 1) Documenting the MAC address(es) of the device 2) Supporting Enterprise WPA2 3) Including a Ethernet port for a hardwired connection.


#11

thanks you both. I am considering setting up a mobile hotspot with my phone, to see if I can at least get some idea whether the GF wifi is or is not the issue.

I am also composing a specific report for GF support, and see what they have to say. I would just like to know where they are on this issue regarding enterprise networks and some wifi devices…what the official recommended fix is. I will try to post their responses.

I will pass the information you shared with our IT people at the college; in addition to info I scraped from the forum this morning.

thanks again


#12

I’m having the same issue here at my university. I was able to get the Mac address by using some command line tools on my macintosh. I went through the initial set up, and write after connecting the laptop to the Mac address, I did a “ping 192.168.192.1” followed by a “arp -p”. The latter command took some time to execute, but it came up with an Mac address for my machine.
When I took the Mac address to ITD, I hoped they would be able to just add an exception to the system so I could connect to it. They said they needed to do a network scan to see this Mac address on the network before they could make the exception. Since the glowforge times out on the network connection in 30 seconds, they couldn’t catch it trying to connect. It is maddening.
I have a work order in to see if this can be fixed by directly entering the Mac ID into the network table by those who can do the magic.
In the mean time, I was able to get it connected to the network by tethering it and my laptop to my phone. It worked -but it doesn’t really solve the problem for other users.


#13

So can you change the MAC address on your laptop to the one GF is going to use, connect it and have IT scan. Then once they’ve verified, change your laptop back and fire up the GF?


#14

So we’re coming up on 2 months now with my Glowforge sitting there gathering dust. My boss asked me this morning if we were ever going to get it running. Told him I had no clue. I know Enterprise Networking support is in the hopper, but I really hope it gets some attention soon. I need to get this thing up and running soon or I’ll need to start looking for another solution.


#15

Between what is in the hopper and the features not yet rolled out, I would expect a long wait. If you absolutely cannot work something out with IT to get around their policies, then personally, I would start looking.


#16

Their total refusal to give any indication of software time scales means things in the hopper could be days or years away and perhaps never. Businesses can’t work with that level of uncertainty.

I bought mine originally for a specific business use that needed accurate pass through alignment and the filter. Fortunately when I found out they were not “shipping in December 15” I abandoned those plans. Nearly two and a half years later those features are not working and I have no idea when or if they ever will.


#17

If you’ve got a Windows10 PC you’re using with the GF, you can set it up to share its internet connection with the GF. You don’t need to setup a new wifi AP to make it work.

I’ve done this where the only internet access was via an Ethernet cable. So I used the Win10 sharing function and it worked fine.

I did a post back in October about how to do this as I had a problem with a MakerFaire I was demoing at where their WiFi required a user ID & password and phone tethering wasn’t working due to the lack of wireless (dead area).


#18

We had a similar problem at the college where I work. Fortunately, I’m pretty friendly with our IT department and they set us up with a dedicated router. The only catch is I have to turn the router on and off for each use since it is unsecured.


#19

Why not secure it with the non-enterprise version of WPA2?